Skip to content

Commit aaa1f45

Browse files
sbaidachnisbaidachni
committed
update script config search permissions
1 parent 28f61fe commit aaa1f45

File tree

2 files changed

+3
-15
lines changed

2 files changed

+3
-15
lines changed

infra/main.search_configuration.tf

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -244,7 +244,7 @@ resource "time_sleep" "wait_for_rbac" {
244244
azurerm_role_assignment.script_main_storage_file_contributor,
245245
# AI Search permissions
246246
azurerm_role_assignment.script_search_service_contributor,
247-
azurerm_role_assignment.script_search_index_data_contributor,
247+
# azurerm_role_assignment.script_search_index_data_contributor,
248248
# Azure OpenAI permissions
249249
azurerm_role_assignment.script_cognitive_services_openai_user,
250250
# Other permissions
@@ -266,7 +266,7 @@ resource "time_sleep" "wait_for_storage_network" {
266266
resource "time_sleep" "wait_for_search_permissions" {
267267
depends_on = [
268268
azurerm_role_assignment.script_search_service_contributor,
269-
azurerm_role_assignment.script_search_index_data_contributor,
269+
# azurerm_role_assignment.script_search_index_data_contributor,
270270
time_sleep.wait_for_rbac
271271
]
272272
create_duration = "30s"
@@ -463,7 +463,7 @@ resource "null_resource" "verify_rbac_propagation" {
463463
azurerm_role_assignment.script_deployment_container_file_owner,
464464
# AI Search permissions
465465
azurerm_role_assignment.script_search_service_contributor,
466-
azurerm_role_assignment.script_search_index_data_contributor,
466+
# azurerm_role_assignment.script_search_index_data_contributor,
467467
# Azure OpenAI permissions
468468
azurerm_role_assignment.script_cognitive_services_openai_user
469469
]

infra/main.security.tf

Lines changed: 0 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -48,18 +48,6 @@ resource "azurerm_role_assignment" "script_search_service_contributor" {
4848
role_definition_name = "Search Service Contributor"
4949
}
5050

51-
resource "azurerm_role_assignment" "script_search_index_data_contributor" {
52-
principal_id = azurerm_user_assigned_identity.script_identity.principal_id
53-
scope = azurerm_search_service.ai_search.id
54-
role_definition_name = "Search Index Data Contributor"
55-
}
56-
57-
resource "azurerm_role_assignment" "script_search_index_data_reader" {
58-
principal_id = azurerm_user_assigned_identity.script_identity.principal_id
59-
scope = azurerm_search_service.ai_search.id
60-
role_definition_name = "Search Index Data Reader"
61-
}
62-
6351
# --- Main Storage Account Permissions ---
6452

6553
resource "azurerm_role_assignment" "script_main_storage_queue_contributor" {

0 commit comments

Comments
 (0)